da635bc1bad9a647a1e3981b76f91e95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da635bc1bad9a647a1e3981b76f91e95_JaffaCakes118
Size

54KB
MD5

da635bc1bad9a647a1e3981b76f91e95
SHA1

1692c82a480584919096ade93d34d07843170186
SHA256

fa86a59adf17c662e96e5423616d59a2c371d7f6d9976e0e79ab40ee46cfc35d
SHA512

57f6e18995877e6e0a06c676329d5c7273e62d05d4c60123396f4f6a667cbfba74b3e304c38f4b6e293b8ebcc0e87365f9315f1b42f2fc87c59504d8e4009373
SSDEEP

768:b22FG2q6Ru7bIjvoKvxU5VYS9839ua4sDka3mVRSZqGNj8:b22FG2FRqTexKVYS9Ta4sDkKmGZqGNj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da635bc1bad9a647a1e3981b76f91e95_JaffaCakes118

Files

da635bc1bad9a647a1e3981b76f91e95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d29e1d2d5809b1e9c6a61c550cbeccc5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

OpenEvent
lstrcpyA
lstrcatA
GetSystemDirectoryA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ